The Manager of Information Security Operations is responsible for managing the Information Security Operations team to provide consistent performance of required processes and appropriate response to alerts and threats. The Manager develops and manages the Information Security Operations Center (ISOC), providing situational awareness through the detection, containment and remediation of IT threats. Ensures IT incidents are properly identified, analyzed, communicated, investigated and reported. Leads the security operations team to ensure operating environments are maintained at optimal performance and meet defined service levels.
ESSENTIAL DUTIES AND RESPONSIBILITIES include the following. Other duties may be assigned.
• Develops and manages an information security operations center (ISOC), monitoring, assessing and defending the enterprise information systems, including websites, applications, databases, data centers, servers, networks, desktops and other endpoints.
• Manages daily technical operations of the information security team.
• Designs and oversees the execution of internal security testing methodologies; conducts vulnerability testing and remediation on software, architecture and vendors.
• Conducts risk assessments of new and existing systems and software.
• Evaluates, selects and implements security systems/tools while monitoring technology to further strengthen the security posture; optimizes the existing security tools and processes.
• Prepares for periodic audits.
• Manages and coordinates the security aspects of moving a data center to a new location.
• Reconfigures security architecture of a network to support micro-segmentation based upon security zones.
• In coordination with Networking, tests, configures and remediates firewalls, routers and switches to achieve and maintain required security standards and best practices; enforces security policies.
• Manages the security aspects of system backup and recovery, backup data center(s) and business continuity.
• Manages and conducts investigations of security incidents, applying proper forensic and investigative techniques.
• Maintains ongoing knowledge of relevant activities (e.g., payment card fraud) in the cyber underground using commercial and free tools for intelligence gathering and analysis.
• Maintains an ongoing relationship with applicable law enforcement agencies, as well as other agencies such as Infragard and FIRST, in coordination with the VP Information Security/CISO.
• Makes technical presentations and status reports to management and the executive team.
• Manages the technical security aspects of vendor interactions.
Manages employees in the assigned department. Responsible for the overall direction, coordination, and evaluation of these units. Carries out supervisory responsibilities in accordance with the organization's policies and applicable laws. Responsibilities include interviewing, hiring, and training employees; planning, assigning, and directing work; appraising performance; rewarding and disciplining employees; addressing complaints and resolving problems.
Education and/or Experience
• 10 years’ experience in information security with a focus on technology operations, including 3 years of supervisory experience.
• Bachelor’s degree in computer science, information security or a related field (MS in information security preferred).
• CISSP designation.
• CISM or similar certification preferred.
• Previous experience in a financial institution preferred.
• Excellent communication skills, both oral and written.